Malware on Android: is it really the problem security companies tout it to be?
You’ve heard it a thousand times - Android is full of malware, viruses, and who knows what. It is just not secure, you need an antivirus app, just like on Windows, and the list of myths just snowballs from there.
"Damage to the OS" is the keyword when we speak about malware. To understand why they are irrelevant on Android, we have to focus on the way Google built its platform, using a model called sandboxing. In a nutshell, the sandboxing idea is that apps only get a limited “sandbox” where they operate.
Everything out of the sandbox is something apps don’t have access to. This contrasts with the way Windows for example treats apps where they can do everything the user can. That’s not the case on Android (and iOS too). Malicious apps simply won’t be able to access the low-level system files and break your system.
Malware and scaremongering
This does not stop security companies from repeating the malware mantra, though. Earlier in 2012, security company Sophos claimed a game called “The Roar of the Pharaoh” was actually a trojan that could steal your phone number and IMEI. Only slight issue is the app was never on Google Play, but rather on a conveniently unnamed “unofficial download sites.”
McAfee also jumped in on the scare train saying some phones were infected with two new Android viruses in 2011, the NickiSpy and GoldenEagle viruses. Interestingly, later on it was confirmed that the NickiSpy virus was found on between 0 and 49 Android devices. That’s practically zero given the fact that Android grows by 1.3 million devices per day. Most recently, McAfee tried to scare Android users again reporting on malware supposedly increasing by 700% on Android. Truth is, the report never mentions the Google Play store, but rather looks at all kinds of third-party stores and websites. Again, simple common sense would tell you not to download anything from there.
Do anti-virus apps work on Android?
Sandboxing however also means that anti-virus apps are largely useless against malware. Why? For the very same reason - they don’t have access to the low level system files, so they cannot protect them. Remember Google engineer Chris DiBona’s eye-opening Google Plus post. Here is the essence of it:
"Virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS. They are charlatans and scammers."
But anti-virus apps do exist on Android, and question remains what is their function? At best, they will check your existing applications against a list of corrupt third-party apps, but nothing more.
The fact that Android has no malware doesn’t mean it is 100% free of security problems. While the sandboxing model protects your device, it cannot protect you from yourself.
Fake apps and premium texting apps exist
The reality of the situation is that there are generally two types of corrupt applications - rogueware and spyware on one hand, and dialer and texting apps that will hit your phone bill on the other.
Again, if you stick with common sense and don’t install unknown apps from all kinds of suspicious sources, you’d be fine. A universal solution would be not to allow apps from unknown sources on your device. For this, you simply head into settings and disable the ‘Unknown Sources’ option (which should be disabled by default).
The most common problem now seems to be fake apps that would blow up with pop-ups for the few days they are allowed on Google Play. But that’s not really the malware you should be terribly worried about.
To quickly recap, malware on Android is not the issue some want you to believe it is. The sandboxing model keeps your phone safe, and common sense and the Google Play market make it bullet-proof against spyware and other corrupt apps. Everything else boils down to scaremongering and third-partyapp catalogs, and you already know you shouldn't download anything from there, don't you?